Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

KOOBFACE - Facebook attacks continue to evolve

Trend Micro offers an insightful review of how Koobface (Facebook spelled backwards) continues to survive despite efforts by all security firms to stop these attacks.  Several research reports are available from Trend in the links below.

The Evolution of KOOBFACE: A Web 2.0 Botnet
http://blog.trendmicro.com/the-evolution-of-koobface-a-web-2-0-botnet/

QUOTE: The KOOBFACE botnet continuously evolves to keep on generating profit for its perpetrators. The fact that the botnet is still alive shows that the cybercriminals behind it are making a fortune off it.  Some of the major changes the botnet has undergone from when we started unmasking it include the following:

1.  Using proxy command-and-control (C&C) servers
2.  Encrypting the gang members’ C&C communications
3.  Banning IP addresses from repeatedly accessing KOOBFACE-controlled sites
4.  Introducing new binary components
5.  Employing several layers of binary protection with the use of more complex packers

RESEARCH REPORTS AVAILABLE ON KOOBFACE ATTACKS